<?php
session_start();
if (!isset($_SESSION["admin"]) || $_SESSION["admin"]!== true) {
    die("权限不足");
}

// 数据库连接配置
$servername = "localhost";
$username = "your_username";
$password = "your_password";
$dbname = "your_database";

// 创建连接
$conn = new mysqli($servername, $username, $password, $dbname);

// 检查连接
if ($conn->connect_error) {
    die("连接失败: ". $conn->connect_error);
}

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    if (isset($_POST["delete_user"])) {
        $userId = $_POST["user_id"];
        $sql = "DELETE FROM users WHERE id = $userId";
        if ($conn->query($sql) === TRUE) {
            echo "用户删除成功";
        } else {
            echo "Error: ". $sql. "<br>". $conn->error;
        }
    } elseif (isset($_POST["change_password"])) {
        $userId = $_POST["user_id"];
        $newPassword = $_POST["new_password"];
        $sql = "UPDATE users SET password = '$newPassword' WHERE id = $userId";
        if ($conn->query($sql) === TRUE) {
            echo "密码更改成功";
        } else {
            echo "Error: ". $sql. "<br>". $conn->error;
        }
    } elseif (isset($_POST["ban_user"])) {
        $userId = $_POST["user_id"];
        $banTime = $_POST["ban_time"]; // 禁言时间，单位为分钟
        $sql = "INSERT INTO ban_records (user_id, ban_time, banned_by) VALUES ($userId, $banTime, {$_SESSION["user_id"]})";
        if ($conn->query($sql) === TRUE) {
            echo "用户禁言成功";
        } else {
            echo "Error: ". $sql. "<br>". $conn->error;
        }
    }
}

$conn->close();
?>
